﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using MiniScrum.Models;
using System.Web.Security;

namespace MiniScrum.Controllers
{
    public class UserController : Controller
    {
        //
        // GET: /User/
        public ActionResult List()
        {
            return View(MiniScrum.Models.User.GetList());
        }

        //
        // GET: /User/Details/5
        [Authorize(Roles = "Admin")]
        public ActionResult Details(int id)
        {
            return View(MiniScrum.Models.User.GetById(id));
        }

        //
        // GET: /User/Create
        [Authorize(Roles = "Admin")]
        public ActionResult Create()
        {
            return View();
        }

        //
        // POST: /User/Create
        [HttpPost]
        [Authorize(Roles = "Admin")]
        public ActionResult Create([Bind(Exclude = "Id")]User newUser)
        {
            if (ModelState.IsValid)
            {
                try
                {
                    MiniScrum.Models.User.Create(newUser);
                    return RedirectToAction("List");
                }
                catch (ArgumentException ex)
                {
                    ModelState.AddModelError("", "Some of the provided information is incorrect: " + ex.Message);
                }
                catch
                {
                    ModelState.AddModelError("", "An unexpected error ocurred while trying to save the user. ");
                }

            }
            return View(newUser);
        }

        //
        // GET: /User/Edit/5
        [Authorize(Roles = "Admin")]
        public ActionResult Edit(int id)
        {
            using (var db = new MiniScrumDB())
            {
                return View(MiniScrum.Models.User.GetById(id));
            }
        }

        //
        // POST: /User/Edit/5
        [HttpPost]
        [Authorize(Roles = "Admin")]
        public ActionResult Edit(int id, User user)
        {
            try
            {
                MiniScrum.Models.User.Update(user);
                return RedirectToAction("List");
            }
            catch
            {
                return View();
            }
        }

        //
        // GET: /User/Delete/5
        [Authorize(Roles = "Admin")]
        public ActionResult Delete(int id)
        {
            MiniScrum.Models.User user = MiniScrum.Models.User.GetById(id);
            return View(user);
        }

        //
        // POST: /User/Delete/5
        [HttpPost]
        [Authorize(Roles = "Admin")]
        public ActionResult Delete(int id, FormCollection collection)
        {
            try
            {
                MiniScrum.Models.User.Delete(id);

                return RedirectToAction("List");
            }
            catch
            {
                return View();
            }
        }

        [AllowAnonymous]
        public ActionResult Logon()
        {
            return View();
        }

        [AllowAnonymous]
        [HttpPost]
        public ActionResult Logon(LogonModel logon, string returnUrl)
        {
            if (ModelState.IsValid)
            {
                User user = MiniScrum.Models.User.GetUser(logon.UserName, logon.Password);
                if (user != null && user.Identity.IsAuthenticated)
                {
                    FormsAuthentication.SetAuthCookie(user.UserName, false);
                    if (Url.IsLocalUrl(returnUrl))
                    {
                        return Redirect(returnUrl);
                    }
                    else
                    {
                        return RedirectToAction("Index", "Home");
                    }
                }
                else
                {
                    ModelState.AddModelError("", "Invalid username/password");
                }
            }

            return View(logon);
        }

        public ActionResult Logout()
        {
            FormsAuthentication.SignOut();
            return RedirectToAction("Logon");
        }
    }
}
